You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@spark.apache.org by "Gengliang Wang (Jira)" <ji...@apache.org> on 2021/05/31 10:52:00 UTC

[jira] [Updated] (SPARK-35576) Redact the sensitive info in the result of Set command

     [ https://issues.apache.org/jira/browse/SPARK-35576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gengliang Wang updated SPARK-35576:
-----------------------------------
    Description: 
Currently, the results of following SQL queries are not redacted:
```
SET [KEY];
SET;
```
For example:


{code:java}
scala> spark.sql("set javax.jdo.option.ConnectionPassword=123456").show()
+--------------------+------+
|                 key| value|
+--------------------+------+
|javax.jdo.option....|123456|
+--------------------+------+


scala> spark.sql("set javax.jdo.option.ConnectionPassword").show()
+--------------------+------+
|                 key| value|
+--------------------+------+
|javax.jdo.option....|123456|
+--------------------+------+


scala> spark.sql("set").show()
+--------------------+--------------------+
|                 key|               value|
+--------------------+--------------------+
|javax.jdo.option....|              123456|

{code}

We should hide the sensitive information and redact the query output.

  was:
Currently, the results of following SQL queries are not redacted:
```
SET [KEY];
SET;
```
For example:
```
scala> spark.sql("set javax.jdo.option.ConnectionPassword=123456").show()
+--------------------+------+
|                 key| value|
+--------------------+------+
|javax.jdo.option....|123456|
+--------------------+------+


scala> spark.sql("set javax.jdo.option.ConnectionPassword").show()
+--------------------+------+
|                 key| value|
+--------------------+------+
|javax.jdo.option....|123456|
+--------------------+------+


scala> spark.sql("set").show()
+--------------------+--------------------+
|                 key|               value|
+--------------------+--------------------+
|javax.jdo.option....|              123456|
```
We should hide the sensitive information and redact the query output.


> Redact the sensitive info in the result of Set command
> ------------------------------------------------------
>
>                 Key: SPARK-35576
>                 URL: https://issues.apache.org/jira/browse/SPARK-35576
>             Project: Spark
>          Issue Type: Task
>          Components: Security, SQL
>    Affects Versions: 3.2.0
>            Reporter: Gengliang Wang
>            Assignee: Gengliang Wang
>            Priority: Major
>
> Currently, the results of following SQL queries are not redacted:
> ```
> SET [KEY];
> SET;
> ```
> For example:
> {code:java}
> scala> spark.sql("set javax.jdo.option.ConnectionPassword=123456").show()
> +--------------------+------+
> |                 key| value|
> +--------------------+------+
> |javax.jdo.option....|123456|
> +--------------------+------+
> scala> spark.sql("set javax.jdo.option.ConnectionPassword").show()
> +--------------------+------+
> |                 key| value|
> +--------------------+------+
> |javax.jdo.option....|123456|
> +--------------------+------+
> scala> spark.sql("set").show()
> +--------------------+--------------------+
> |                 key|               value|
> +--------------------+--------------------+
> |javax.jdo.option....|              123456|
> {code}
> We should hide the sensitive information and redact the query output.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org